Update 5/2/2019: The Now team added some better documentation around caching static assets.

As of early January 2019, Now 2.0 is still young, and so is the documentation. It’s moving quickly and improving every day but one fairly common use case that I wasn’t able to find documented anywhere was how to set caching headers for static assets.

You could kind of figure it out via some trial and error, but I think it’s important enough for them to put in their docs. Previously for v1, it was pointed out very clearly with examples.

I reached out to them in…


Sweetest stock art I could find.

I’ve been doing a little email hack for the past few years. I can’t imagine I’m the only one that’s thought of this but every time I tell someone about it they think it’s clever and they’ve never thought of doing it, so I thought I would share.

For the sake of this post, let’s pretend my email is chris@gmail.com.

Most popular email clients support aliases using the + character, where you can have an infinite number of aliases for your email. When I register for new sites & services, I’ll use this feature to include the name of the…


The event-stream package had a major vulnerability. The malicious code was actually found in version 0.1.1 of flatmap-stream, but event-stream was the true source of the issue as it’s a popular package and introduced flatmap-stream in version 3.3.6 as part of the hack.

In a number of my projects it was an indirect dependency of nodemon, which is a dev dependency we use for local development and is never run in production. However I’m sure it’s a dependency or a dependency of a dependency (of a dependency) of a number of packages being used in production by plenty of applications.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store